Some industry experts said the introduction of draft guidance to implement the Trusted Internet Connections 3.0 policy seeks to reflect the move to separate the Department of Homeland Security's EINSTEIN cybersecurity program from the TIC initiative, Federal News Network reported Tuesday.
“Today's concept of EINSTEIN is going away. It kind of has to happen,“ said Stephen Kovac, vice president of global government and corporate compliance at Zscaler. “TIC 3.0 isn't here to kill EINSTEIN, but decouple it from TIC. I think some form of EINSTEIN will still need to exist. Agencies and DHS still need to collect telemetry data.“
EINSTEIN is an intrusion detection system and Kovac said the platform is mainly focused on tracking netflow data and blocking known threats.
He added several federal agencies have begun developing use cases related to TIC 3.0 as they transition from the current approach. “I think the vision of this will be a catalog of uses cases,“ Kovac said. “The remote worker, the traditional workers, the international users and the bring-your-own-device user. There are 5-to-10 solid use cases so people can find what they want to accomplish.“
Susie Adams, chief technology officer for federal at Microsoft, said the new TIC eliminates EINSTEIN and the managed trusted internet protocol services. “Agencies can now can define their own path to secure their internet connections, and that is huge,“ she said. “It gets rid of the bottleneck."